The United States has just announced the arrest of Cameron John Wagenius, a 20-year-old American soldier accused of reselling hacked data on the web. Behind the pseudonym Kiberphant0m, the young man sold "confidential telephone recordings" on black markets. A communications specialist, the soldier was posted to South Korea for the past two years.
Among the data put up for sale by Cameron John Wagenius are the call logs of Donald Trump and his Democratic rival, Kamala Harris. The detailed recordings of the phone calls were put up for sale last November on BreachForums, the hub for stolen data.
The Snowflake Data Leak
According to information from Brian Krebs, an American journalist specializing in cybersecurity, Kiberphant0m obtained the data through an accomplice involved in the hacking of hundreds of Snowflake customers. Last year, the cloud giant suffered a massive data leak. Hundreds of identifiers were stolen by viruses specialized in exfiltrating information.
It was through these identifiers that hackers were able to penetrate the systems of the American operator AT&T. They were then able to seize the telephone numbers (landline and mobile) with which an AT&T subscriber was in contact between May 1 and October 31, 2022. More than 100 million subscribers were affected. It is likely that this leak allowed Kiberphant0m to get its hands on the call logs of the two politicians, although the authenticity of the data has not yet been proven.
The hacker claims to have compromised fifteen telecommunications operators. In addition, he claims to have stolen "remote access credentials for a major American defense contractor", explains Brian Krebs, who spoke with the cybercriminal's mother.
By her admission, her son collaborated with Connor Riley Moucka, one of the two people responsible for the Snowflake data leak. He was arrested in October in Canada, months after his accomplice, John Erin Binns. The hacker fell into the hands of justice during an operation in Turkey. On black markets, the soldier put up for sale a large quantity of tools for cybercriminals, including access to a botnet designed for DDoS attacks.
A mistake and a speed record
It was the cybersecurity company Unit 221B that allowed law enforcement to track down the cybercriminal. As Allison Nixon, research director of the New York group, explains, Wagenius made a security mistake at the beginning of November. It was this blunder that betrayed the hacker's anonymity. According to the official, "law enforcement has set a record for speed in handling a U.S. federal cyber case, the fastest I have seen in my career."
Cameron John Wagenius, charged with two counts of illegally transmitting confidential telephone records, faces several years in prison for violating U.S. federal laws.
Source: KrebsonSecurity
0 Comments